The Cybersecurity (CSEC) Questionnaire: Individual Differences in Unintentional Insider Threat Behaviours

Abstract

The present study identifies a number of individual difference traits that are related to cyber hygiene behaviour in order to develop a brief questionnaire. The resulting questionnaire identifies basic vulnerabilities in users’ practices consisting of updating software, changing passwords, and disclosure of information on social media platforms (SMPs). Using existing scales assessing individual differences (i.e., conscientiousness, extraversion, and openness, regulatory focus), we argue that the cybersecurity scale (CSEC) can be used to identify individuals within an organization that need remedial education and training. Moreover, CSEC scores differentiate between assessment disclosure vulnerability and intrusion vulnerability, allowing for the identification of different kinds of cybersecurity practices.